Fedora Backpedals on Password Free Installation

Nov 20, 2009

A new feature in Fedora 12 was that users could install RPM packages from signed repositories without a root password. "Not good," said many users, so the project decided to reverse the policy.

On November 19, project lead Paul W. Frields announced the update to Fedora 12 that would reverse the unprivileged package installation policy. In his words, "The update will require local console users to enter the root password to install new software packages," no matter what the origins of the packages are .

One reason for the original change in Fedora 12 was to forego the complicated password dialogs in previous Fedora releases, with the root password required at the end anyway, but rather to rely on a role-based mechanism. Many developers and users were pleased by the new policy. Unfortunately the way that the policy was implemented for the release, it didn't work well on multi-user systems in that the privileges applied to all local users.

Details on the reversal in the PackageKit policy and the reasons behind it are in a posting by Owen Taylor. In it, it becomes clear that the password policy originally implemented for Fedora 12 was not the intended solution, but a quick compromise to get Fedora 12 out on time as promised. A Fedora 12 update should be available "quite soon."

Related content

  • (Update:) Fedora: Chronicle of a Server Break-in

    In August 2008, the Fedora team noticed irregularities on its server. Project leader Paul W. Frields has now released a detailed report of the break-in.

  • Fedora Investigates Security Incident

    "Based on the results of our investigation so far, we do not believe that any Fedora packages or other Fedora contributor accounts were affected by thiscompromise," said Fedora project leader, Jared Smith in an email to the Fedora announce mailing list.

  • Security Lessons: OpenID

    Outsourcing authentication services gives you access to more services – at a price. Kurt examines the pros and cons of distributed authentication.

  • Livecd-creator

    Fedora 7 comes with new tools for creating custom live CDs and custom .iso files. We’ll show you how to get started with Fedora's new command-line tool, livecd-creator.

  • Spanish Government Reconsiders School Laptop Project

    A widespread project to equip Spanish primary students with laptops was under attack by the free software community for being an undercover operation from Microsoft to take over the educational system in the country. Now the government is considering a kind of dual booting system.

Comments

  • there's a way...

    Well, I added myself to the "wheel" and "adm" groups and, now, I need my own password and not root's to install and mount things... cool, huh?
comments powered by Disqus

Issue 169/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News